Indeed. I'm sure we need a whitelist, not a blacklist as suggested by
the other comment. All domains I'd ever want to create would match
the regexp
^[[:alpha:]][-_[:alnum:]]*$
This might break existing users however.

Wonder if there are characters supported by some hypervisors, but not
others?
ie maybe Xen supports '/', '*', '+' in guest names, but ESX doesn't
That could lead to some interesting guest import problems. :(